Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

6a43e61d45...e8.exe

windows7-x64

8

6a43e61d45...e8.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    30/10/2023, 12:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6a43e61d45db8b1608a2d51dc99a824fa15666dda7274e53d04d81fcfce645e8.exe

  • Size

    4.8MB

  • MD5

    db12ad4b9b13d0222d7edbf20023735b

  • SHA1

    c76a13029399a1a1dfa18f688d3802a429f0af62

  • SHA256

    6a43e61d45db8b1608a2d51dc99a824fa15666dda7274e53d04d81fcfce645e8

  • SHA512

    a7611f5a383a11201a4a2c16bd48808593a95683a7e97bc4e6ce899b6ded5ffa129645c600728d41b6b6b5f1cb9f5c5d916ff50d92fd8ba16cc4b91285302d45

  • SSDEEP

    98304:7TVlYQiFIUueAAu2PkcCO3LUKdzOJDb4v+es:NlY02PkcFwN0v+es

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6a43e61d45db8b1608a2d51dc99a824fa15666dda7274e53d04d81fcfce645e8.exe
    "C:\Users\Admin\AppData\Local\Temp\6a43e61d45db8b1608a2d51dc99a824fa15666dda7274e53d04d81fcfce645e8.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    65c1db3fe6ca50357df42014195f6863

    SHA1

    1b33235e0b6099bc8834e5ec23f2f8f3cf84b503

    SHA256

    75b2299795cfc82c9fb0f751c6ff2308fba71b6855a17886edb1eea17978f0d3

    SHA512

    e8478305a050cd70daf91a5c5db0ab9085a04206087d9994d156ee20fd02081afe6bf0e244575512cc04cee16d800becaadf1ebad927385deeedf950b10b95c6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    8de5e699f97228541f063ac35a506cfd

    SHA1

    78fac5f87f2930d578936bf90a750c7f01835d50

    SHA256

    5f57663b98fc83dcc0ea56f4de1772db05b1d551e8ac271f8966d0f822cfc6c3

    SHA512

    323987b813c7994c27becb6489f4982c239957cfab8288c75b7d5ac15c8d8f8c827897f8f94503b209f6ea47c72c78657eac8c1c797fad06ce20477b64a39261

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    62a8e078cde1c2daf464f0a4bfdd36c8

    SHA1

    8ad6c239dfc1ac3f088b5a8ab567d67c48444f27

    SHA256

    6252f5719b03d8ae229e3b87ec3b734f764bc6d38c3ff8a1ae5bba9cccf9890c

    SHA512

    af5fa743ec1bb769eb0f7ebd94c646a5f11da5454ada5ebc96f8c07450650d3ed7068fab8bb8e1693d9927a48634902ffa750fe1e1b9e7b900624680dda2e34a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3237.tmp
    Filesize

    140.7MB

    MD5

    433c875775a97c39b365939bfebec2e9

    SHA1

    602d0c9bf071cfdaa4da02a27f1ca58aba83496f

    SHA256

    28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

    SHA512

    3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3237.tmp
    Filesize

    140.7MB

    MD5

    433c875775a97c39b365939bfebec2e9

    SHA1

    602d0c9bf071cfdaa4da02a27f1ca58aba83496f

    SHA256

    28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

    SHA512

    3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

    Download Submit